15 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-8386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of...
Security Bulletin: IBM Db2® Warehouse has released a fix in response to multiple vulnerabilities found in IBM Db2®
Summary IBM has released the following fix for IBM Db2® Warehouse in response to multiple vulnerabilities found in IBM Db2®. Vulnerability Details CVEID:CVE-2015-8383 DESCRIPTION: PCRE is vulnerable to a heap-based buffer overflow, caused by the improper handling of certain repeated conditional...
RHEL 5 : pcre (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pcre: Integer overflow caused by missing check for certain conditions 8.38/31 CVE-2015-8394 - The match...
RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2016:1132)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:1132 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. MariaD...
Security Bulletin: Multiple vulnerabilities in IBM Db2 may affect IBM Storage Protect Server.
Summary IBM Storage Protect Server uses IBM Db2 and may be affected by multiple vulnerabilities which could lead to denial of service, remote code execution or loss of confidentiality, integrity or availability. CVE-2015-8383, CVE-2015-8381, CVE-2015-8386, CVE-2015-8388, CVE-2015-8385,...
Amazon Linux AMI : glib2 (ALAS-2023-1769)
The version of glib2 installed on the remote host is prior to 2.36.3-5.25. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1769 advisory. PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote...
Medium: glib2
Issue Overview: PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...
Arbitrary Code Execution
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The rh-php56 packages provide a recent stable release of PHP with PEAR 1.9.5 and enhanced language features including constant expressions, variadic functions, arguments unpacking, and the interactive debuger. T...
GLSA-201607-02 : libpcre: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201607-02 libpcre: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libpcre. Please review the CVE identifiers referenced below for details. Impact : An attacker can possibly execute arbitrary code or crea...
RedHat Update for pcre RHSA-2016:1025-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for pcre CESA-2016:1025 centos7
Check the version of pcre SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882492";...
Oracle Linux 7 : pcre (ELSA-2016-1025)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-1025 advisory. - Fix CVE-2015-2328 infinite recursion compiling pattern with recursive reference in a group with indefinite repeat bug 1330508 - Fix CVE-2015-8385...
Scientific Linux Security Update : pcre on SL7.x x86_64 (20160511)
Security Fixes : - Multiple flaws were found in the way PCRE handled malformed regular expressions. An attacker able to make an application using PCRE process a specially crafted regular expression could use these flaws to cause the application to crash or, possibly, execute arbitrary code...
FreeBSD : php -- multiple vulnerabilities (85eb4e46-cf16-11e5-840f-485d605f4717)
PHP reports : - Core : - Fixed bug 71039 exec functions ignore length but look for NULL termination. - Fixed bug 71323 Output of streamgetmetadata can be falsified by its input. - Fixed bug 71459 Integer overflow in iptcembed. - PCRE : - Upgraded bundled PCRE library to 8.38.CVE-2015-8383,...
CVE-2015-8386
Summary (CVE-2015-8386) PCRE before 8.38 mishandles the interaction between lookbehind assertions and mutually recursive subpatterns in crafted regular expressions, allowing remote attackers to cause a denial of service (buffer overflow) or potentially other impact. This vulnerability affects the...